We’ve gone out to network to provide additional commentary.
Jason du Preez, Vice President of Privacy and Security at Informatica:
Why the companies that collect our data have the power and the responsibility to take control of data and use it for the common good.
“AI’s rapid evolution presents enormous potential for companies that equip themselves to do good with data. At the same time, organisations must prepare to deal with the demands of citizens — ‘data subjects’ — empowered by laws and regulations to take control of how their data is used.
Consumer expectations are moving compliance and the responsible use of data higher up the agenda – both with today’s privacy regulations and future, AI-focused legislation. Data governance, security and privacy are critical business priorities as a result.
Responding to this, and then going further to drive innovation and competitive advantage with data, requires a holistic approach to data management. Understanding, protecting, distributing, and monitoring data universally and consistently and ubiquitously becomes a necessity. Aligning the approach to the context in which data is being used is critical, as different use cases demand different levels of control.
Solutions must provide confidence in data quality, a high degree of automation, and integration into a diverse range of systems given the scale of demand for data access.”
Andrew Slavkovic, Solutions Engineering Director ANZ – CyberArk:
With Data Privacy Day around the corner, it’s encouraging to see Australia moving in the right direction with the proposed changes to the Privacy Act. However, it is imperative for organisations to go beyond regulatory compliance and proactively safeguard sensitive data.
“This is one of the reasons organisations should be adopting a robust and comprehensive cybersecurity strategy. One in which identities are front and centre. Identity security is paramount to a zero-trust security mindset. We must never trust but always verify what the identity is doing and if abnormal activity is detected we must challenge that identity in real time by seamlessly applying security controls to validate the action.” opined Slavkovic.
We must start by understanding how an identity accesses information and the value of that data, after this we can start to apply the appropriate level of security controls. A pattern of usual behaviour will be established and then any deviation can be challenged in real time.
Ultimately, data privacy and safety goes beyond compliance – it’s about a holistic approach to cybersecurity, with identity at its core.